Dormant Malware And Hidden Hackers

Can you protect your business from invisible threats?


With cyber security, it’s generally true that the less that seems to be happening, the better. Sure, you can check in the security logs to see what your defences have been up to, and you can set up alerts to inform you when an attack has been halted. But if everything is quiet, then disaster hasn’t yet struck, and that can only be a good thing – at least that’s what you might think.

The problem is that not all cyber attacks announce themselves or cause obvious damage. Indeed, in some cases they may actually go out of their way to remain unnoticed, biding their time until they’re ready to strike.

A cyber criminal who gains unauthorised access to a network, for example, may want to stay hidden for as long as possible, so they can extract the maximum amount of data. In the Marriott Hotels case, we saw this writ large: hackers had had access to customer data for several years before the breach was detected.

Why and how does this happen? It could be that cyber criminals or malware make such small changes to systems that we just don’t notice them, or the victim doesn’t have the technical knowledge or cyber security to know something is wrong.

This kind of subtlety isn’t necessarily by design, though. You might download a virus, for instance, that doesn’t make any active attempts to remain hidden, but because it’s a zero-day infection (malware that is so new it doesn’t appear in anti-virus databases), it bypasses your firewall.

There’s also a breed of malware that is designed to remain in the shadows. It might do this by making changes to your IT devices, but not in ways that trigger your defences. Some malware even goes as far as to turn off your anti-virus software or to disguise itself as a legitimate app.

Not all attacks will happen immediately either. Another common tactic among hackers is to remain dormant, only swinging into action when they can make the most profit or cause the most damage. For all you know, your PC could be part of an unused botnet, set up by a criminal who then sells it to another criminal. It’s only when they activate the botnet and start sending spam emails with it that you notice some performance slowdown on your computer. Even then, you may not register it as malware.

Of course, the better your cyber security, the less chance there is you’ll be compromised in this way. Nothing, however, is 100% effective. Your IT solutions could be affected already, and you wouldn’t necessarily know about it.

This is why TMB recommends a broad, distributed approach to cyber security, rather than focusing heavily on one or two areas while neglecting other parts of your cyber defence. The best firewall in the world, for example, can be rendered practically worthless if staff aren’t trained to avoid phishing scams. An effective strategy will pair protective measures like a firewall and multi-factor authentication with remedial solutions like backups and disaster recovery. That way, even if the worst happens, it won’t be game over for your business.

If you are at all unsure about your own cyber security arrangements, please contact TMB to find out how we can protect your business. It is, after all, much better to find out if your security is lacking before you're attacked, rather than after.
